
1370 matches found

BDU FSTEC
added 2023/07/28 12:00 a.m. · 5 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain read access to data and modify it.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves errors in processing input data. Exploiting this vulnerability can allow an attacker to gain read access to data and modify it...

CVSS 6.4 · AI score 6.8 · EPSS 0.00327
Exploits 0 · References 4 · Affected Software 1
Microsoft CVE
added 2023/07/26 7:00 a.m. · 3 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.42 and prior and 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server and unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H).

...

CVSS 5.9 · AI score 6.8 · EPSS 0.01152
Exploits 0
Microsoft CVE
added 2023/07/26 7:00 a.m. · 2 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).

...

CVSS 3.1 · AI score 6.3 · EPSS 0.00835
Exploits 0
CNNVD
added 2023/07/24 12:00 a.m. · 5 views

ABB Abilit zenon security vulnerability

ABB Abilit zenon is a secure operational data management platform from ABB that makes it easy to connect machines, infrastructure and production assets. A security vulnerability exists in ABB Abilit zenon build 11 through 11 build 106404, which stems from a vulnerability that allows a...

CVSS 5.9 · AI score 5.7 · EPSS 0.00253
Exploits 0 · References 2
OSV
added 2023/07/18 9:15 p.m. · 1 view

CVE-2023-22042

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.2.3-12.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications...

CVSS 6.1 · AI score 7.3
Exploits 0 · References 1
OSV
added 2023/07/18 9:15 p.m. · 8 views

AZL-27468 CVE-2023-22053 affecting package mysql for versions less than 8.0.34-1

Vulnerability in the MySQL Server product of Oracle MySQL component: Client programs. Supported versions that are affected are 5.7.42 and prior and 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

CVSS 5.9 · AI score 6.4 · EPSS 0.01152
Exploits 0 · References 1
OSV
added 2023/07/18 9:15 p.m. · 3 views

CVE-2023-22020

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Analytics Server. Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...

CVSS 5.4 · AI score 7.3 · EPSS 0.0032
Exploits 0 · References 1
OSV
added 2023/07/18 9:15 p.m. · 7 views

UBUNTU-CVE-2023-22053

Vulnerability in the MySQL Server product of Oracle MySQL component: Client programs. Supported versions that are affected are 5.7.42 and prior and 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

CVSS 5.9 · AI score 6.5 · EPSS 0.01152
Exploits 0 · References 5
CNNVD
added 2023/07/18 12:00 a.m. · 4 views

Oracle Java SE security vulnerability

Oracle Java SE and Oracle GraalVM are both products of Oracle Corporation. Oracle Java SE is a product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. Oracle GraalVM is a set of on-the-fly compilers written in the Java language...

CVSS 3.7 · AI score 6.5 · EPSS 0.00395
Exploits 0 · References 2
BDU FSTEC
added 2023/07/18 12:00 a.m. · 6 views

The vulnerability of the IBM Robotic Process Automation software lies in its authentication procedures’ flaws, which allow attackers to gain read, modify, or delete access to data.

The vulnerability of the IBM Robotic Process Automation software is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to read, modify, or delete data...

CVSS 3.3 · AI score 5.9 · EPSS 0.00394
Exploits 0 · References 4 · Affected Software 1
CNNVD
added 2023/07/18 12:00 a.m. · 3 views

Oracle Java SE security vulnerability

Oracle Java SE is an Oracle product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. A security vulnerability exists in Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE, which...

CVSS 3.7 · AI score 5.6 · EPSS 0.01127
Exploits 0 · References 9
OSV
added 2023/07/11 3:15 a.m. · 5 views

CVE-2023-33987

An unauthenticated attacker in SAP Web Dispatcher - versions WEBDISP 7.49, WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.81, WEBDISP 7.85, WEBDISP 7.88, WEBDISP 7.89, WEBDISP 7.90, KERNEL 7.49, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.88, KERNEL 7.89, KERNEL...

CVSS 9.4 · AI score 5.8 · EPSS 0.00578
Exploits 0 · References 2
SUSE CVE
added 2023/07/04 2:10 a.m. · 6 views

SUSE CVE-2023-35947

Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, Gradle did not check that files could be written outside of the unpack location. This could lead to important files being overwritten anywhere the...

CVSS 6.9 · AI score 9.1 · EPSS 0.00492
Exploits 0 · References 4
OSV
added 2023/06/28 6:15 p.m. · 4 views

CVE-2023-21183

In ForegroundUtils of ForegroundUtils.java, there is a possible way to read NFC tag data while the app is still in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVSS 7.8 · AI score 5.9
Exploits 0 · References 1
Positive Technologies
added 2023/05/24 12:00 a.m. · 5 views

PT-2023-4250 · Sap · Sap Business One

Name of the Vulnerable Software and Affected Versions: SAP Business One B1i module version 10.0 Description: The issue is related to the lack of protection of the SQL query structure in the B1i Layer component of SAP Business One. This allows a remote attacker to send specially crafted queries to...

CVSS 7.5 · AI score 7.5 · EPSS 0.00477
Exploits 0 · References 8
BDU FSTEC
added 2023/05/12 12:00 a.m. · 5 views

The vulnerability of the Routing Hub sub-component of the Oracle Banking Virtual Account Management component in the banking analytics system of the Oracle Financial Services Applications allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the Routing Hub subcomponent of the Oracle Banking Virtual Account Management component in the banking analytics system of the Oracle Financial Services Applications is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to...

CVSS 8.5 · AI score 6.8 · EPSS 0.00551
Exploits 0 · References 3 · Affected Software 1
BDU FSTEC
added 2023/05/10 12:00 a.m. · 6 views

The vulnerability of the CreateOrConfigureAsync function on the Docker Desktop for Windows development and delivery platform allows a malicious actor to gain read, modify, or delete access to data.

The vulnerability of the CreateOrConfigureAsync function on the Docker Desktop for Windows development and delivery platform is related to errors in handling symbolic links with the DataFolder parameter. Exploiting this vulnerability may allow an attacker to gain read, modify, or delete access to...

CVSS 6.4 · AI score 7.1 · EPSS 0.00332
Exploits 0 · References 3 · Affected Software 1
OSV
added 2023/04/23 9:15 p.m. · 2 views

CVE-2023-23753

The 'Visforms Base Package for Joomla 3' extension is vulnerable to SQL Injection as concatenation is used to construct an SQL Query. An attacker can interact with the database and could be able to read, modify and delete data on it...

CVSS 9.8 · AI score 6.8 · EPSS 0.00798
Exploits 1 · References 2
OSV
added 2023/04/18 8:15 p.m. · 4 views

CVE-2023-21992

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Administer Workforce. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

CVSS 5.4 · AI score 6.7
Exploits 0 · References 1
OSV
added 2023/04/18 8:15 p.m. · 1 view

CVE-2023-21988

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CVSS 3.8 · AI score 6.7 · EPSS 0.00316
Exploits 0 · References 1